5 results (0.013 seconds)

CVSS: 4.9EPSS: 0%CPEs: 202EXPL: 0

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •

CVSS: 4.9EPSS: 0%CPEs: 202EXPL: 0

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •

CVSS: 7.5EPSS: 0%CPEs: 156EXPL: 0

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter. WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller en varias versiones son propensos a perder el filtrado de direcciones MAC tras el reinicio. Esto puede permitir a un atacante remoto omitir el alcance de la red que debería estar protegida por el filtro de direcciones MAC • https://cert.vde.com/en/advisories/VDE-2022-042 • CWE-440: Expected Behavior Violation •

CVSS: 9.1EPSS: 0%CPEs: 54EXPL: 0

On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. En los dispositivos WAGO PFC200 en diferentes versiones de firmware con paquetes especiales diseñados, un atacante autorizado con acceso de red al dispositivo puede acceder al sistema de archivos con mayores privilegios • https://cert.vde.com/en-us/advisories/vde-2021-014 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime. En dispositivos WAGO PFC200 en diferentes versiones de firmware con paquetes especiales diseñados, un atacante con acceso de red al dispositivo podría causar una denegación de servicio para el servicio de inicio de sesión del tiempo de ejecución • https://cert.vde.com/en-us/advisories/vde-2021-014 • CWE-770: Allocation of Resources Without Limits or Throttling •